-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): bump nanoid from 4.0.2 to 5.0.9 #875
base: main
Are you sure you want to change the base?
Conversation
Bumps [nanoid](https://github.com/ai/nanoid) from 4.0.2 to 5.0.9. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@4.0.2...5.0.9) --- updated-dependencies: - dependency-name: nanoid dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Thank you for submitting this pull request! We appreciate your contribution to the project. Before we can merge it, we need to review the changes you've made to ensure they align with our code standards and meet the requirements of the project. We'll get back to you as soon as we can with feedback. Thanks again! |
Reviewer's Guide by SourceryThis PR updates the nanoid dependency from version 4.0.2 to 5.0.9. The update includes several improvements and bug fixes, most notably the migration to Web Crypto API for Node.js version and removal of async API. The implementation is straightforward, only requiring updates to package.json and yarn.lock files. No diagrams generated as the changes look simple and do not need a visual representation. File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
Thanks for making updates to your pull request. Our team will take a look and provide feedback as soon as possible. Please wait for any GitHub Actions to complete before editing your pull request. If you have any additional questions or concerns, feel free to let us know. Thank you for your contributions! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have skipped reviewing this pull request. It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!
Quality Gate passedIssues Measures |
Bumps nanoid from 4.0.2 to 5.0.9.
Release notes
Sourced from nanoid's releases.
Changelog
Sourced from nanoid's changelog.
Commits
65a38ac
Release 5.0.9 versionb00d120
Merge after 3.3.8 release3044cd5
Release 3.3.8 versioncdc3edc
Update size limit4fe3495
Update size limitd643045
Fix pool pollution, infinite loop (#510)0daa00f
Additional fixes and tests for #508 (#509)313a14e
Update dependencieseb2db95
Fix size limit and linting9da8f60
Fix pool pollution, infinite loop (#508)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.
Summary by Sourcery
Chores: